In the never-ending competition between browsers, the ability to keep the user safe from malicious software has been key. Now, Google said it has beefed up the ability of its Chrome browser to let a user know of a malware download threat -- and to stop it.

In a posting Thursday on the Google Chrome Blog, Google vice president Linus Upson wrote that “online criminals are increasing their use of malicious software that can silently hijack your browser settings,” and added that such a subject was a “top issue” in Chrome-related forums.

Upson said that in the current build of Chrome Canary, the browser will automatically block downloads of any malware it detects, and will display a warning at the bottom of the browser window. The warning says that such-and-such a file “is malicious and Chromium has blocked it,” and it contains a "Dismiss" button once the warning has been read.

‘Reset Browser Settings’

Chrome Canary is a pre-release version of Chrome that is designed only for developers or early adopters because, as Google says, it “can sometimes break down completely.”

In the last update of Chrome, Google added a “reset browser settings” button, so that the settings could be restored if a user had been tricked into downloading some software, such as a free screensaver, a video plug-in or even what’s supposed to be a security update, which then could change the homepage or impose ads on visited Web sites.

To keep the user locked in, that kind of malware can block a user’s ability to reset the browser settings, and the new reset settings button is intended to combat such a hijacking.

The Chrome browser flags more than 10,000 new Web sites daily via its Safe Browsing feature, which also has the capability to detect and block malicious downloads.

Malware on php.net

The Safe Browsing tool, which the Firefox and Safari browsers also use in a version licensed from Google, can sometimes detect malware in the most unlikely spots. Last week, for instance, php.net, the online home base for the popular PHP programming language, reported that it had been blocked by the Chrome browser because of malware.

When that warning became known, the PHP Group, which runs that site, released a statement that said the Chrome alert “looked a lot like a false positive because we had some minified/obfuscated javascript being dynamically injected into userpref.js.” The organization said it turned out that there was some malware that was being occasionally injected into the page, that could have led to the installation of an information-stealing Trojan.

Hackers target the software with the largest installed base, and the Chrome browser has become the most widely used browser. Last week, the social analytics firm Shareaholic released stats for 2013 thus far. In September, its figures showed that Chrome was used more than Firefox, Internet Explorer and Opera put together, and, if you counted Chrome with Google’s standard Android browser, the usage was more than Firefox and Safari combined. Only Chrome and the stock Android browser were showing double-digit growth among browsers, the firm said.

Splunk for Free:
Find the meaning in your machine-generated data with the new Splunk Online Sandbox. It's a private workspace in the cloud where you can search, analyze, and visualize your own data, or just play around with pre-populated data sets. It's fast, it's powerful, and it's free. Click here to learn more.